Manager, Security Risk Management Job

Minneapolis, Minnesota
20 Sep 2016
24 Nov 2016
Contract Type
Full Time
Location(s): CO - Denver; MN - Minneapolis
Are you ready to take your leadership potential to the next level with a growing Fortune 500 company?  Xcel Energy is at the leading edge of an industry that is changing quickly. We're seeking dynamic, proven leaders to help guide us into this exciting energy future. If you're looking to lead at a company that is committed to excellence, safety and environmental stewardship, with plenty of room to grow, consider a position at Xcel Energy.
Xcel Energy's ESS team is responsible for all aspects of security including Cyber, Physical, Enterprise Continuity, Governance and Risk services.  This dynamic team is growing and evolving to meet the needs of the enterprise while adjusting to the ever changing world we live in.  Come join this high-energy team in building a best-in-class Cyber Security program tasked with protecting the critical infrastructure Xcel Energy's customers depend on.
Xcel Energy is hiring a Manager of Security Risk Management to be based out of Denver, CO or Minneapolis, MN. The Manager will direct a staff of approximately 7 individuals (FTE & contractor), guide troubleshooting of obstacles & strategies. Travel will be required within our service territory and to industry events (approximately 25%). The Manager will need to have strong interpersonal and written communication, collaboration, and relationship building skills.
Position Summary
Responsible for developing, implementing and managing the strategy around the Risk Management Frameworks, including Risk Assessments, Risk Scoring and Response, Vendor Risk, Data Privacy and Protection. Primary point of contact in relation to enterprise security risk management. Accountable for maturing risk frameworks and associated governance, and ensuring there is an appropriate security risk posture for the organization. This position will be a leader and influencer in the development of a security culture throughout the enterprise.

Essential Responsibilities
  • Manages the creation and execution of the Enterprise Security Risk Strategy. Ensures the Enterprise Security Risk program and all related processes and procedures are developed and maintained through continuous improvement as needed. Partners with the Enterprise Security Services leadership and key business area leaders to ensure alignment with security risk frameworks and risk tolerance levels. Work will include relationship building and strategy alignment with senior business leaders to develop and facilitate a security risk model that allows for risk based decision making across the enterprise.
  • Manage a dynamic and highly technical team responsible for vendor security, risk assessments, issue remediation and risk communication to key stakeholders.
  • Provides regular updates to key stakeholders in the form of security risk metrics and dashboards to communicate risk levels and facilitate risk based decisions.
  • Actively and professionally engage business partners in conversations that educate and drive good risk decisions for the enterprise. Facilitate and provide consulting to business partners through thought leadership in Security Risk Management.
  • Directs security activities and assessments with 3rd party partners to develop the risk plans, the remediation and ongoing adherence to our risk model.
  • Assesses and applies current security trends to internal risk management practices.

Minimum Requirements
  • BA/BS with a concentration in computer science, technology, or business or equivalent combination of education and experience.
  • At least 8 years experience in the area of IT, Information Protection, Cyber Security, or IT Audit, including at least 3 years experience in a leadership capacity with experience working with business leaders regarding security risk topics.
  • Experience utilizing common security frameworks, including but not limited to NIST and ISO.
  • Demonstrated ability to develop and present risk information to all levels of an organization.
  • Candidate should demonstrate a strong knowledge of security controls, security risk and the ever changing security threat landscape.
  • Experience building and leading a high performing team and establishing strong working relationships with business partners.
  • Demonstrated ability to work across organizational boundaries, and influence others.
  • Ability to define and manage internal projects and milestones, and demonstrated leadership skills.
This position requires a behavioral assessment prior to being considered for an interview.
As a leading combination electricity and natural gas energy company, Xcel Energy offers a comprehensive portfolio of energy-related products and services to 3.4 million electricity and 1.9 million natural gas customers across eight Western and Midwestern states. At Xcel Energy, we strive to be the preferred and trusted provider of the energy our customers need. If you're ready to be a part of something big, we invite you to join our team.
Posting Notes:  MN - Minneapolis || CO - Denver; MN - Minneapolis || United States (US) || Utilities and Corporate Servic || 70060:Enterprise Security Services || Full-Time || Non-Bargaining ||
Requisition Number: 5772
Equal Opportunity Employer: Minority/Female/Disability/Veteran
Individuals with a disability who need an accommodation to apply please contact us at